Question

Why is Control Environment considered the most important component of COSO’s internal control model?

Answer 1

COSO is an Enterprise Risk management- Integrated Framework published to define the Internal Control framework for business organisation, particularly listed companies where the stakeholders are common people who invest in securities of the listed company.

COSO focuses on designing of controls based on risk assessment. The COSO framework 2013 formalises the principles embedded in the original more explicitly, incorporates business and oprating environment over past 2 decades, and improves the Framework's ease of use and application.

It also assists finding the gaps in SOX 404 compliance program. The Framework is set out in detail, defining internal control, describing the components of internal control and underlying principles, and providing directiond for all levels of management in designing and implementing internal control and assessing its effectiveness

Control environment is the first neccessity for an organisation to develop with and maintaining a control environment including categorising the criticality and materiality of each business process, plus the owners of the business process. It is also important because control environment organises the following principles of COSO:

1. Exercise oversight responsibility

2. Demonstrates commitment to integrity and ethical values

3.establishes structure, authority and responsibility

4. Enforces accountability